📱 Instant messaging clients. Choose wisely what you use to communicate.

A visualization by @niboe under CC BY SA license.

Please share ❤️

@satur @niboe for Signal, server bar must be orange. What they run on their servers now is not published. Last update of their repo was 9 months ago, AFAIK.

@IzzyOnDroid @satur @niboe

That's false. The server code was last updated a few days ago. It's not like there is actually anything complicated to do to just transfer encrypted blobs to the right person. Most of the validation is done client-side.

The signal-server repo is not the only one that is used. SecureValueRecovery and ContactDiscoveryService are used and up to date.

Given that it's all AGPLv3 and that they don't seem to have a CLA, it would be illegal for them to do what you claim.

@dreeg @satur @niboe Source for my claim: kuketz-blog.de/signal-server-s I know Mike personally. He's a renowned security expert and does not make "empty claims".

Checking, I see nothing has changed: last commit 4/2020. This Github repo is their official repo, it nowhere states "delayed mirror, see original there" – and it's the only place linked directly from their homepage.

So it's not "false" what I wrote. As you give no sources for "the other repos", it's for you to prove your counter-claim :wink:

@IzzyOnDroid @satur @niboe

> Checking, I see nothing has changed: last commit 4/2020

Indeed, I misread the date

But the securevaluerecovery repo was updated 19 days ago. They use it for that: signal.org/blog/secure-value-r

The privatecontactdiscovery repo used for signal.org/blog/private-contac was last updated at the end of 2020

With the SGX enclaves, you can attest remotely that they are running the correct code.

@dreeg @IzzyOnDroid @satur @niboe ow, that is extremely interesting! How can you check that? That's something that I always thought would be nice to have, to not have to trust the server!

@silmathoron @IzzyOnDroid @satur @niboe

I don't exactly know how to do it myself but my understanding is that the client app does it automatically. The best idea is to look up how SGX enclaves work and the code related to secure value recovery and private contact discovery in the App itself.

@IzzyOnDroid @satur @niboe

Your source just says "look, the repo hasn't been updated in a while". But if you look at the history of the repo, it has had very few updates in its whole history. After all it's just a dumb forwarding service that doesn't do any kind of long term storage of messages, doesn't handle search or anything. The last updates are about updating the version of the dependency zkgroups (which they write), which handles the v2 of groups.

@IzzyOnDroid @satur @niboe

Since the v2 of groups has been released, there are now not many reasons to need to update the server side. All recent features added to the app were 100% client side.

Your claim is completely baseless.

All the repos:

github.com/signalapp/zkgroup

github.com/signalapp/SecureVal

github.com/signalapp/ContactDi

@dreeg @satur @niboe So you're saying there are no updates in the only publicly accessible place because no updates have been made to the software? That would make sense then, if confirmed. Though I'm not 100% convinced 😉

@IzzyOnDroid @dreeg @niboe maybe I am wrong, but my position is I don't trust Elon Musk, therefore I avoid :signal:

@satur @IzzyOnDroid @niboe

Many people recommended Signal way before Elon Musk talked about it. I have been using it for years. Snowden has been recommending it for much longer.

Signal was already being hyped as an alternative to WhatsApp before Elon jumped on the train. He just followed the trend (and took a lot of people with him), but he did not create it.

@satur @IzzyOnDroid @dreeg @niboe Snowden also recommends it and uses it every day. Do you trust him?

@satur @IzzyOnDroid @dreeg @niboe and thousands of security experts, cryptographers and independent security companies that audited signal several times and still recommend it?

@weltsnake @satur @dreeg @niboe and all confirmed the code is open source, and their Github repo always up-to-date? Please leave me out of the loop now. I wasn't questioning the *security* of signal – but only pointing out their repo might not be up-to-date. Two different pairs of shoes. /EOF

@weltsnake @niboe @dreeg @IzzyOnDroid @satur #Snowden's hasty original endorsement was later revised to show his diminished enthusiasm. Of course, signal.org continues to advertize the original quote.

@satur @niboe @dreeg @IzzyOnDroid There are copious good reasons to avoid #Signal: github.com/privacytoolsIO/priv Freeness of server code on a closed network where the central controller doesn't assert in their disclosures a guarantee that they even run the public code is useless anyway.

@koherecoWatchdog @satur @niboe @dreeg And now the standard howling: "But Snowden recommends it!" – Edward also repeatedly said and wrote (using my own words here as I don't remember the exact phrasing): "Don't trust blindly. Rather ensure that no trust is needed." Which exactly fits here: transparency would ensure you've got to trust no one. As it stands now, you've got to trust multiple parties.

And (just crossed), as you wrote: he even revised his "endorsement". But still uses Signal.

@IzzyOnDroid @dreeg @niboe @satur I personally put no stock in Snowden's endorsements. He himself uses MS Windows IIRC. His audience is normies & his goal is to get masses of novices on a less surveilled path so usability for novices plays into his advice. Even though I generally scrap specific tool recommendations from Snowden, we have to pay attention b/c so many ppl take his endorsements like gold.

@satur @niboe @dreeg @IzzyOnDroid OTOH, Snowden's philosophical quotes are quite good, like the one you mention.

@IzzyOnDroid @dreeg @niboe @satur My favorite quotes from Snowden: "Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say." "Under observation, we act less free, which means we effectively are less free."

@koherecoWatchdog
It's nice his story makes privacy invading tools more difficult to exploit. Thanks to Snowden, WhatsApp is encrypted, and it doesn't scrape your messages for Facebook advertising.
@IzzyOnDroid @dreeg @satur

@frank87 I wouldn't be too sure about the FB part. After all, WA by default stores its backups unencrypted at GDrive. I'd not be much surprised if their E2E is rather an E2F2E. Has there ever been an audit of the entire WA platform confirming the security model and the thing being really E2E, no backdoors on their server or anywhere else, or "other surprises"?

@IzzyOnDroid @dreeg @niboe @satur People often point out that Snowden uses Signal himself, but his threat model and needs are wildly different from the general public. He must reach a wide audience which includes ppl not competent with anything harder to use. If he were to use Wire the metadata would threaten his correspondents who would become linked to him.. but eg. using Wire w/in a family doesn't carry that risk.

@koherecoWatchdog @IzzyOnDroid @dreeg @satur surely based on his own threat model Snowden would be best off using something like Session? Everything goes through an onion router, no accounts, not even usernames. If metadata is a huge deal in his threat model Session is better than Signal which uses phone numbers as usernames.

@koherecoWatchdog
Always remember your threat model...
There is too much "this tool is better cause it uses encryption" going around.
@IzzyOnDroid @dreeg @satur

@koherecoWatchdog @satur @niboe @dreeg @IzzyOnDroid Also, any tool that uses your actual mobile phone number as a username is inherently insecure!

@dheadshot @koherecoWatchdog @satur @niboe @IzzyOnDroid

Why? Signal allows you to protect your phone number with a password to avoid having someone else register it if you are still using it.

@dreeg @IzzyOnDroid @niboe @satur @dheadshot there are countless compromises and attack vectors that can result from exposure of a mobile number. Duplicate registration is not one of them, password protected or not, because username is a primary key.

@dheadshot @satur @niboe @IzzyOnDroid @dreeg but note that it may be possible for someone to impersonate you if you have a mobile phone that's not registered w/Signal. E.g. someone gets brief access to your phone, they sign up for Signal using your phone, vacate your phone, then use those creds on their phone.

@koherecoWatchdog @dheadshot @satur @niboe @IzzyOnDroid

Username squatting can be an issue with any messenger. The example you gave is outside of the scope of what Signal can do, usernames are not proof of identity, only cryptographic fingerprints are. Even if you assume that the phone number you are talking to belongs to the right person, you should still verify the security codes to be sure that the conversation is private.

@dreeg @IzzyOnDroid @niboe @satur @dheadshot indeed, cautious expert users wouldn't be fooled by impersonation. In reality, it can be quite difficult to force the other party to do a fingerprint verification. I sent half my fingerprint out-of-band to a correspondent & half of her FP. I told her to send me the other halves. She lied to me and said "verified" without sending me the other halves. She ducked & dodged the process.

@dheadshot @satur @niboe @IzzyOnDroid @dreeg Ultimately I could not verify her. Signal is worse yet, b/c novice users are even less inclined to verify

@dreeg @IzzyOnDroid @niboe @satur @dheadshot in any case, the idea that having a p/w somehow prevents dupe registration is flawed. It only adds risk to have a mobile number for a username. One of many risks is that it can be used for password recovery by an adversary

@dheadshot @satur @niboe @IzzyOnDroid @dreeg also, username squatting is more of a threat when the username is a phone number. Novice users are more likely to distrust an impersonator if it's a freely chosen word, vs. a phone number.

@koherecoWatchdog @dheadshot @satur @niboe @IzzyOnDroid

Why?

In the example you gave, you need access to someone's SMS to be able to register an account with their phone number. If Signal used usernames, you wouldn't even need to access the person's SMS to impersonate them.

@koherecoWatchdog @dheadshot @satur @niboe @IzzyOnDroid

I do agree that the use of phone numbers makes Signal unusable to communicate with people without giving them your identity, but this doesn't make the app "insecure". It's simply a use case that was out of scope originally.

@dreeg
Yes it does, by definition. There are 3 components to security: confidentiality, integrity, & availability. Anonymity falls under confidentiality (specifically confidentiality of identity).

@dreeg
"you need access to someone's SMS to be able to register an account with their phone number." <= you answered your own question. This is exactly why impersonation is more successful w/ph#s. Novice users assume that their correspondent's phone is in their possession at all times.

@koherecoWatchdog @dheadshot @satur @niboe @IzzyOnDroid

The failure is on you, I've been able to verify tons of non tech savvy friends with the QR codes

@dreeg
You're confused. It's not a tech limitation; it's psychology. Calling someone a "failure" b/c they lacked the power to force someone else to do something is perversely idiotic.

In the case at hand, the other party was actually someone who worked for me. Even with some power over them, they are ultimately in control of their own actions. It took arm-twisting just to get an agreement to use e2ee. My choice was: fire her or not, but either way she was not doing the fingerprint chk.

@dreeg
#Briar for example doesn't give the possibility of linking to unverified accts.

Also, apps that don't need a mobile# allow users to freely type a username, so it's inherently obvious to even the most novice of users that verification is needed. Whereas with mobile#s the normies are like "meh, it's their phone# how could it be someone else?" They just trust it blindly.

@dreeg
#Briar for example doesn't give the possibility of talking to unverified accts.

Also, apps that don't need a mobile# allow users to freely type a username, so it's inherently obvious to even the most novice of users that verification is needed. Whereas with mobile#s the normies are like "meh, it's their phone# how could it be someone else?" They just trust it blindly.

@koherecoWatchdog

> #Briar for example doesn't give the possibility of talking to unverified accts.

Ping me when you get a non tech-savvy person to talk to you via Briar, or olvid, or any other app that does that.

@dreeg That's irrelevant. You asked how all e2ee IM tools don't have the same problem. #Briar is an existing tool that proves the point.

I also don't see how Briar requires an advanced user, not that it's relevant to the point. You might say one of the two parties needs to be advanced enough to handle the setup, but day-to-day operation is easier.

@koherecoWatchdog

You said you couldn't get someone to authenticate, so Briar would be a better option. But if someone won't authenticate with Signal, they won't either with Briar, and they'll just stay on a non-E2EE messaging app, which is arguably worse.

@koherecoWatchdog

You're just accusing Signal of being useless because it doesn't address a specific point that it was never designed to address.

This doesn't render the whole app useless.

@satur Matrix, XMPP and Telegram leak metadata. So I would like to go for Signal.

@orionholmes @satur

They likely leak metadata too. Phone numbers are merely hashed (crackable) and Signal is now hosting in Google servers (PRISM).

@jcast @satur it doesn't matter that Signal is using Google servers 'coz everything on Signal is E2EE and the server has zero (0) knowledge about who is talking to whom and which message is going to whom.

@orionholmes @satur

It's possible to get metadata given enough time. This has been shown to be possible by breaking the hash on the phone numbers.

Also the public server repository of Signal server is not updated for months so the Signal server is really no longer open source.

So PRISM can likely find out who is in touch with who.
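
The reasoning behind "hashed (crackable)" in the posts above, as an added example that is not part of the thread and not Signal's code: a phone number has so few possible values that an unkeyed hash of it can be matched by enumerating the number range, while a keyed hash resists an observer who lacks the key. The fictional number block, the choice of SHA-256/HMAC and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
import math
import secrets
from typing import Callable, Optional

# Constructed sample data: a fictional block of 100,000 numbers.
PREFIX = "+155501"
SUFFIX_DIGITS = 5


def keyspace_bits(digits: int) -> float:
    """Entropy in bits of a uniformly random number with `digits` digits."""
    return digits * math.log2(10)


def candidates():
    """Every number in the constructed block, in order."""
    for n in range(10 ** SUFFIX_DIGITS):
        yield f"{PREFIX}{n:0{SUFFIX_DIGITS}d}"


def plain_hash(number: str) -> bytes:
    """Unkeyed hash: anyone can recompute it for any candidate."""
    return hashlib.sha256(number.encode()).digest()


def keyed_hash(number: str, key: bytes) -> bytes:
    """Keyed hash: recomputing it requires the secret key."""
    return hmac.new(key, number.encode(), hashlib.sha256).digest()


def invert(target: bytes, hash_fn: Callable[[str], bytes]) -> Optional[str]:
    """Return the candidate whose hash equals `target`, or None."""
    for number in candidates():
        if hash_fn(number) == target:
            return number
    return None


def demo():
    number = PREFIX + "42857"            # constructed identifier
    key = secrets.token_bytes(32)        # secret held only by the hashing party
    wrong_key = secrets.token_bytes(32)  # all an observer without the key has
    from_plain = invert(plain_hash(number), plain_hash)
    from_keyed = invert(keyed_hash(number, key),
                        lambda n: keyed_hash(n, wrong_key))
    return from_plain, from_keyed


if __name__ == "__main__":
    print(f"10-digit number: {keyspace_bits(10):.1f} bits")
    print(demo())
```

A keyed hash only protects against parties that do not hold the key; whoever computes the hashes can still enumerate the same range.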

@orionholmes @satur

Then on the political aspect, there is an ongoing war on true E2EE in the US and EU, GAFAM is taking down non-aligned platforms. Next scene Elon Musk endorses Signal, Signal outsources to Google servers. Element (matrix/riot) has just been suspended from Google Play Store.

@jcast @orionholmes this is exactly how I see it. Suspicious enough to keep away.
